edisonlabs / policy-verification
PHP library for policies verification and report.
Installs: 47 462
Dependents: 0
Suggesters: 0
Security: 0
Stars: 3
Watchers: 5
Forks: 1
Open Issues: 1
Requires
- symfony/config: ^6.2
- symfony/console: ^6.2
- symfony/dependency-injection: ^6.0
Requires (Dev)
- php-coveralls/php-coveralls: ^2.0
- phpunit/phpunit: ^6.5
This package is auto-updated.
Last update: 2024-10-13 15:49:22 UTC
README
Policy verification
Overview
Policy verification is a simple library that provides base classes for creating and reporting security policy checks.
Each policy check returns as a result whether the policy passes or not. Other information is also reported like the actions to be taken if the policy is failing.
Usage
This library does not provide any policy check by default. To create new checks, create a new Composer package and add a dependency to it.
composer require edisonlabs/policy-verification
Now create the policy check classes extending the base class provided by the library.
The classes must be created at /src/EdisonLabs/PolicyVerification
.
This is a requirement for the library to automagically locate and perform the checks during the report generation.
// File: /src/EdisonLabs/PolicyVerification/PhpVersion.php namespace EdisonLabs\PolicyVerification; use EdisonLabs\PolicyVerification\Check\AbstractPolicyCheckBase; class PhpVersion extends AbstractPolicyCheckBase { public function getName() { return 'PHP version'; } public function getDescription() { return 'Checks whether system is running a recent version of PHP'; } public function getCategory() { return 'PHP'; } public function getSeverity() { return parent::POLICY_SEVERITY_HIGH; } public function checkRequirements() { // Example of requirement verification. if (!is_array($this->getData())) { $this->setRequirementError('Invalid data'); } } public function check() { $phpVersion = phpversion(); if ($phpVersion[0] < 7) { $this->setAction('Upgrade to PHP 7 or greater'); $this->setResultErrorMessage('The system is running an older version of PHP'); return parent::POLICY_FAIL; } $this->setWarning('PHP 7.1 will have security support up to Dec 2019'); $this->setResultPassMessage('The system is running a recent version of PHP'); return parent::POLICY_PASS; } }
Configure the autoload in composer.json
.
"autoload": {
"psr-4": {
"EdisonLabs\\PolicyVerification\\": "src/EdisonLabs/PolicyVerification"
}
}
Re-create the Composer autoloader.
composer dump-autoload
Report
There are two ways to generate the policy check results report: programmatically and/or by command-line.
Programmatically
use EdisonLabs\PolicyVerification\Report; // Some custom data to pass to the policy checks. $data = array(); $report = new Report($data); // Prints the result summary. print_r($report->getResultSummary()); // Other report methods. $report->getChecks(); $report->getPassChecks(); $report->getScorePercentage(); $report->setData($data); $report->getData(); $report->getFailChecks(); $report->getActions(); $report->getPassChecksResultMessages(); $report->getFailChecksResultMessages(); $report->getRequirementErrors(); $report->getResult(); $report->getResultSummary(); $report->getScore(); $report->getTotalChecks(); $report->getWarnings(); $report->setCheck($check);
Command
The command is located at vendor/bin/policy-verification
. Include the vendor/bin
directory in the system $PATH
to run this command from anywhere.
Type policy-verification --help
to see all the available options.